Our Products

Too Many People Ignore the Risks of Public Wi-Fi

Posted by Geraldine Hunt on Mon, Jul 23rd, 2018

Consider this. Most of us think about security when we are in large crowds. We might grip our purse a little tighter or push our wallet deep into our front pocket. If we are in line at the ATM, we make it a point to look for probing eyes around us when we punch in our PIN. Yet, so many people seem unconcerned when it comes to connecting to public Wi-Fi in a crowded environment. According to a survey by Norton Symantec last year, 60 percent of respondents feel their personal information is safe when using public Wi-Fi. The vast majority, (87%) admitted to taking security risks on public Wi-Fi such as accessing personal email, bank accounts or financial information. The largest pool of risk takers were millennials, with nearly 95 percent admitting to sharing sensitive information over open connections. Even the majority of users who were aware of the dangers said that they were willing to ignore the risks.

Even scarier is the fact that 55 percent of respondents said they would not hesitate to use free Wi-Fi as long as the signal was strong while 46 percent admitted they would use open wireless rather than wait to get a password for a secure line. While many people are turning to the use of VPNs, 75 percent in the study do not use it.

Spiceworks Survey Results

The lax attitude towards the inherent risks of public Wi-Fi is a major concern for businesses today. Spiceworks surveyed more than 500 IT pros from North America and Europe to learn about the concern they have for their users and public Wi-Fi. Those involved in the study represented organizations of various sizes and industries. They found that 61 percent of those organizations involved in the survey said that their employees connect company devices to public Wi-Fi networks when working outside of the office. These networks included hotels, airports, and cafes. The majority of respondents, 64% said they were confident that their users were aware of the dangers in connecting to public Wi-Fi. An equal number were confident that their users utilized some sort of VPN to secure their data.

Despite their seeming display of confidence in the Wi-Fi etiquette of their users, only half of those surveyed were confident that the data contained on company devices was adequately protected enough for Wi-Fi environments. In the survey, 12 percent of IT pros reported that their organization had experienced a security incident involving employees and public Wi-Fi. Another 34% could not say for sure whether a security incident had occurred as they admitted that many security incidents go unreported, as most users would not be aware that their session had been compromised.

The Risks

The old expression, don’t leave the barn door open applies to public Wi-Fi as open unencrypted Wi-Fi networks are an open invitation for hackers. Just as an inconspicuous thief may be hiding in the congested subway or tourist area to pickpocket an unsuspecting pedestrian, hackers like to hang out in public Wi-Fi areas and target an incautious victim. Of course, the word hacker in this instance is used as a very general term as it does not take a highly trained experienced person to attack devices in an open Wi-Fi environment. There are many toolkits that novice hackers can download to perform malicious acts.

Most common public Wi-Fi risks

Shoulder Surfing

Not all hacking methods are technical in nature. A wrongdoer sitting at the table behind you can easily peer over your shoulder to view your activity, and they won’t be necessarily looking at your screen. In many cases, they are watching your keyboard to discern the credentials you may be typing in to access your email, social media or bank account.

Rogue Hotspots

Also referred to as an evil twin, hackers create phony hotspots to entice users to come to them. In this case, they may broadcast an SSID that emulates the name of the establishment they happen to be in such as “Starbucks Guest” or “Holiday Inn.” The premise is that users will simply assume that these SSIDs represent the establishment themselves.

File Sharing

Far too many users have file sharing enabled on their computers. This makes it easy for perpetrators to connect to your folders and steal files or deposit malicious files that can contain malware. These can be used to take control of your machine, deposit a keylogger, crypto malware or ransomware.

Intercepting Messages

By using a simple packet sniffer, someone can intercept and monitor your web traffic. This can enable them to capture personal information on you. A hacker can also alter the information in your data stream as well such as change the delivery address of an order you just placed.

Malware

Another risk of public Wi-Fi is the simple lack of internet web filtering. While most enterprises today utilize some sort of web filtering solution to circumvent malware downloads, most public Wi-Fi networks do not offer any sort of web security protection for their Internet access.

Sometimes your only option might be an unsecured, free, public Wi-Fi hotspot, and your work simply cannot wait. If that’s the case, understanding the risks of unsecured public Wi-Fi may prevent you from falling victim to an attack. It’s important that individual users and employers take the risks associated with public WiFi networks more seriously. A few simple relatively inexpensive steps could save you from massive amounts of data theft.